Science Score: 44.0%
This score indicates how likely this project is to be science-related based on various indicators:
-
✓CITATION.cff file
Found CITATION.cff file -
✓codemeta.json file
Found codemeta.json file -
✓.zenodo.json file
Found .zenodo.json file -
○DOI references
-
○Academic publication links
-
○Academic email domains
-
○Institutional organization owner
-
○JOSS paper metadata
-
○Scientific vocabulary similarity
Low similarity (14.1%) to scientific vocabulary
Repository
Basic Info
- Host: GitHub
- Owner: stratosphereips
- License: gpl-2.0
- Language: Python
- Default Branch: main
- Size: 23 MB
Statistics
- Stars: 1
- Watchers: 6
- Forks: 0
- Open Issues: 0
- Releases: 0
Metadata Files
README.md
MIPSEval
Multi-turn Injection Planning System for LLM Evaluation
MIPSEval is a modular framework for simulating and evaluating the behavior of Large Language Models (LLMs) in adversarial or structured multi-turn conversational scenarios. It supports both OpenAI-hosted models and locally hosted models.
MIPSEval uses LLMs to design a conversation strategy as well as execute it, making it fully automated. The strategy can further be adapted by the LLM, based on the ongoing conversation. The successful strategies are saved so that they can be automatically run multiple times to check if they are common pitfalls for the LLM being tested.

Features
- Modular structure with planner, executor, and judge components
- Multi-turn conversation handling
- Configurable attack logic via YAML
- Supports both OpenAI and local LLMs
- JSONL logging of interaction history
- Fully automated evaluation
- Strategy and execution are performed by LLMs
- 3 prompt types: Benign, Probing, and Malicious
- Strategies are updated based on the ongoing conversation
- LLM is used to judge success
- High variety of malicious tasks and jailbreaks/prompt injections
- Working in explore or exploit mode
- Evolving of successful strategies
- Any LLM can be tested with MIPSEval
- An extensible framework that allows evaluation of other aspects of LLMs
Installation
bash
git clone https://github.com/stratosphereips/mipseval.git
cd mipseval
pip install -r requirements.txt
cd src
Before running the tool, RAG of prompt injections and jailbreaks needs to be set up. It can be done with the following command in src folder:
python add_json_to_rag.py
The definitions and examples of jailbreaks and prompt injection that are used for RAG are provided in the prompt_injections_and_jailbreaks.json file.
You must also create a .env file with your API key (if using OpenAI):
OPENAI_API_KEY=your_openai_api_key
If the target LLM is a local model, the URL must be set in the llm_executor.py script, specifically in the call_local_api function.
Usage
Run the application using:
bash
python mipseval.py -e .env -c path/to/config.yaml -p openai -t openai '[-j conversation_history.jsonl]'
For local model usage:
bash
python mipseval.py -e .env -c path/to/config.yaml -p local -t local '[-j conversation_history.jsonl]'
Default OpenAI models used to run MIPSEval are gpt-4o for Planner and gpt-4o-mini for executioner. This can be changed in setup.py for executioner and llm_planner.py for planner (in getstepfor_evaluator function). Testing was done with the default models used.
Command-Line Arguments
| Argument | Description | Required |
|--------------------|----------------------------------------------------|----------|
| -e, --env | Path to environment file (.env) | Yes |
| -c, --config | Path to YAML configuration file | Yes |
| -p, --provider | MIPSEval Model provider: openai or local | Yes |
| -t, --target | Target Model provider: openai or local | Yes |
| -j, --json_history | Optional path to conversation log .jsonl | No |
Output
Conversations are logged in JSONL format. Three files are created: - Conversation History - Strategies - Victorious Strategies
Demo

License
This project is licensed under the GNU GPL License. See the LICENSE file for details.
Contributing
Contributions are welcome. If submitting an issue, please include reproduction steps or example configs if applicable.
About
This tool was developed at the Stratosphere Laboratory at the Czech Technical University in Prague.
Owner
- Name: Stratosphere IPS
- Login: stratosphereips
- Kind: organization
- Location: Prague
- Website: https://www.stratosphereips.org
- Twitter: StratosphereIPS
- Repositories: 25
- Profile: https://github.com/stratosphereips
Cybersecurity Research Laboratory at the Czech Technical University in Prague. Creators of Slips, a free software machine learning-based behavioral IDS/IPS.
Citation (CITATION.cff)
cff-version: 1.2.0
title: MIPSEval
date-released: 2025-07-08
url: "https://github.com/stratosphereips/MIPSEval"
message: "If you use this software, please cite it as below."
authors:
- family-names: "Sladic"
given-names: "Muris"
email: sladimur@fel.cvut.cz
affiliation: >-
Stratosphere Laboratory, AIC, FEL, Czech
Technical University in Prague
orcid: "0009-0002-9308-2086"
- family-names: "Catania"
given-names: "Carlos"
email: harpo@ingenieria.uncuyo.edu.ar
affiliation: >-
School of Engineering, UNCuyo
orcid: "https://orcid.org/0000-0002-1749-310X"
- family-names: Garcia
given-names: Sebastian
email: sebastian.garcia@agents.fel.cvut.cz
affiliation: >-
Stratosphere Laboratory, AIC, FEL, Czech
Technical University in Prague
orcid: 'https://orcid.org/0000-0001-6238-9910'
GitHub Events
Total
- Watch event: 1
- Push event: 7
- Public event: 1
- Create event: 9
Last Year
- Watch event: 1
- Push event: 7
- Public event: 1
- Create event: 9
Dependencies
- actions/checkout v2 composite
- anothrNick/github-tag-action 1.36.0 composite
- PyMuPDF *
- PyYAML *
- chromadb *
- openai *
- python-dotenv *
- requests *